Construct service configuration urls using kolla_internal_fqdn
Service configuration urls should be constructed using kolla_internal_fqdn instead of kolla_internal_vip_address. Otherwise SSL validation will fail when certificates are issued using domain names. Change-Id: I21689e22870c2f6206e37c60a3c33e19140f77ff Closes-Bug: 1862419
This commit is contained in:
James Kirsch
generalfuzz
parent
4ac7f6f3a0
commit
256322a8fe
|
|
@ -6,7 +6,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ elasticsearch_port }}/_cluster/settings"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}/_cluster/settings"
|
||||
method: PUT
|
||||
status_code: 200
|
||||
return_content: yes
|
||||
|
|
@ -20,7 +20,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ elasticsearch_port }}/_flush/synced"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}/_flush/synced"
|
||||
method: POST
|
||||
status_code: 200
|
||||
return_content: yes
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ grafana_data_sources:
|
|||
database: "telegraf"
|
||||
name: "telegraf"
|
||||
type: "influxdb"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ influxdb_http_port }}"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ influxdb_http_port }}"
|
||||
access: "proxy"
|
||||
basicAuth: false
|
||||
elasticsearch:
|
||||
|
|
@ -48,7 +48,7 @@ grafana_data_sources:
|
|||
name: "elasticsearch"
|
||||
type: "elasticsearch"
|
||||
access: "proxy"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ elasticsearch_port }}"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}"
|
||||
database: "flog-*"
|
||||
jsonData:
|
||||
esVersion: 5
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ grafana_server_port }}/login"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ grafana_server_port }}/login"
|
||||
status_code: 200
|
||||
register: result
|
||||
until: result.get('status') == 200
|
||||
|
|
@ -17,7 +17,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ grafana_server_port }}/api/datasources"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ grafana_server_port }}/api/datasources"
|
||||
method: POST
|
||||
user: "{{ grafana_admin_username }}"
|
||||
password: "{{ grafana_admin_password }}"
|
||||
|
|
@ -38,7 +38,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ grafana_server_port }}/api/user/helpflags/1"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ grafana_server_port }}/api/user/helpflags/1"
|
||||
method: PUT
|
||||
user: "{{ grafana_admin_username }}"
|
||||
password: "{{ grafana_admin_password }}"
|
||||
|
|
|
|||
|
|
@ -5,5 +5,5 @@ datasources:
|
|||
type: prometheus
|
||||
access: proxy
|
||||
orgId: 1
|
||||
url: http://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ prometheus_port }}
|
||||
url: http://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ prometheus_port }}
|
||||
version: 1
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ elasticsearch_port }}/.kibana"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}/.kibana"
|
||||
method: PUT
|
||||
body: "{{ kibana_default_index_options | to_json }}"
|
||||
body_format: json
|
||||
|
|
@ -28,7 +28,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ elasticsearch_port }}/.kibana"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}/.kibana"
|
||||
status_code: 200
|
||||
register: result
|
||||
until: result.status == 200
|
||||
|
|
@ -41,7 +41,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ elasticsearch_port }}/.kibana/config/*"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}/.kibana/config/*"
|
||||
method: PUT
|
||||
body:
|
||||
defaultIndex: "{{ kibana_default_index_pattern }}"
|
||||
|
|
@ -56,7 +56,7 @@
|
|||
module_args:
|
||||
headers:
|
||||
Content-Type: application/json
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ elasticsearch_port }}/.kibana"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}/.kibana"
|
||||
method: GET
|
||||
register: kibana_default_indexes
|
||||
run_once: true
|
||||
|
|
@ -75,7 +75,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ elasticsearch_port }}/.kibana/index-pattern/{{ kibana_default_index_pattern }}"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}/.kibana/index-pattern/{{ kibana_default_index_pattern }}"
|
||||
method: PUT
|
||||
body: "{{ kibana_default_index | to_json }}"
|
||||
body_format: json
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ kibana.defaultAppId: "{{ kibana_default_app_id }}"
|
|||
logging.dest: /var/log/kolla/kibana/kibana.log
|
||||
server.port: {{ kibana_server_port }}
|
||||
server.host: "{{ api_interface_address }}"
|
||||
elasticsearch.url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ elasticsearch_port }}"
|
||||
elasticsearch.url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}"
|
||||
elasticsearch.requestTimeout: {{ kibana_elasticsearch_request_timeout }}
|
||||
elasticsearch.shardTimeout: {{ kibana_elasticsearch_shard_timeout }}
|
||||
elasticsearch.ssl.verificationMode: "{{ 'full' if kibana_elasticsearch_ssl_verify | bool else 'none' }}"
|
||||
|
|
|
|||
|
|
@ -189,7 +189,7 @@ monasca_grafana_data_sources:
|
|||
name: "Monasca API"
|
||||
type: "monasca-datasource"
|
||||
access: "proxy"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ monasca_api_port }}"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}"
|
||||
isDefault: True
|
||||
basicAuth: false
|
||||
jsonData:
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/login"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/login"
|
||||
status_code: 200
|
||||
register: result
|
||||
until: result.get('status') == 200
|
||||
|
|
@ -22,7 +22,7 @@
|
|||
module_name: uri
|
||||
module_args:
|
||||
method: GET
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs"
|
||||
user: '{{ monasca_grafana_admin_username }}'
|
||||
password: '{{ monasca_grafana_admin_password }}'
|
||||
return_content: true
|
||||
|
|
@ -36,7 +36,7 @@
|
|||
module_name: uri
|
||||
module_args:
|
||||
method: POST
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs"
|
||||
user: '{{ monasca_grafana_admin_username }}'
|
||||
password: '{{ monasca_grafana_admin_password }}'
|
||||
body_format: json
|
||||
|
|
@ -52,7 +52,7 @@
|
|||
module_name: uri
|
||||
module_args:
|
||||
method: GET
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs/name/{{ monasca_grafana_control_plane_org }}"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs/name/{{ monasca_grafana_control_plane_org }}"
|
||||
user: '{{ monasca_grafana_admin_username }}'
|
||||
password: '{{ monasca_grafana_admin_password }}'
|
||||
return_content: true
|
||||
|
|
@ -66,7 +66,7 @@
|
|||
module_name: uri
|
||||
module_args:
|
||||
method: POST
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs/{{ monasca_grafana_conf_org.json.id }}/users"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs/{{ monasca_grafana_conf_org.json.id }}/users"
|
||||
user: '{{ monasca_grafana_admin_username }}'
|
||||
password: '{{ monasca_grafana_admin_password }}'
|
||||
body:
|
||||
|
|
@ -87,7 +87,7 @@
|
|||
module_name: uri
|
||||
module_args:
|
||||
method: POST
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/user/using/{{ monasca_grafana_conf_org.json.id }}"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/user/using/{{ monasca_grafana_conf_org.json.id }}"
|
||||
user: '{{ monasca_grafana_admin_username }}'
|
||||
password: '{{ monasca_grafana_admin_password }}'
|
||||
force_basic_auth: true
|
||||
|
|
@ -98,7 +98,7 @@
|
|||
kolla_toolbox:
|
||||
module_name: uri
|
||||
module_args:
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_vip_address | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/datasources"
|
||||
url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/datasources"
|
||||
method: POST
|
||||
user: "{{ monasca_grafana_admin_username }}"
|
||||
password: "{{ monasca_grafana_admin_password }}"
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@ prometheus_mysql_exporter_database_user: "{% if use_preconfigured_databases | bo
|
|||
# 'service_name:blackbox_exporter_module:endpoint' for example:
|
||||
#
|
||||
# prometheus_blackbox_exporter_targets:
|
||||
# - 'glance:os_endpoint:http://{{ kolla_external_vip_address | put_address_in_context('url') }}:{{ glance_api_port}}'
|
||||
# - 'glance:os_endpoint:http://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ glance_api_port}}'
|
||||
#
|
||||
# For a list of modules see the alertmanager config.
|
||||
prometheus_blackbox_exporter_endpoints: []
|
||||
|
|
|
|||
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
Construct service REST API urls using ``kolla_internal_fqdn`` instead of
|
||||
``kolla_internal_vip_address``. Otherwise SSL validation will fail when
|
||||
certificates are issued using domain names.
|
||||
Loading…
Reference in New Issue